HackThisSite Basic Mission 2 Walkthrough
This is a walkthrough of the basic challenge 2.
The voice-over for these videos is done by MicMonster AI TTS.
Basic 2 - Mission Briefing
When started the mission, we had a hint:
This time our Security-hero “Sam” made some improvements and set up a password protection script. He made it to load the real password from an unencrypted text file and compare it to the password we as an user enter. And of course, he forgot to upload the file…
Solution
If you think about it, he had a script that compares user password to the unencrypted text file.So if there is no file, what happens? There is nothing to compare the password to.
Solution here is to just leave the password field empty and press submit.
My thoughts about this challenge?
The challenge was a walk in a park, but I think that it teaches a good lesson - sometimes simple way is the right way.